package com.kedacom.ctsp.authz.oauth2.configuration;

import com.kedacom.ctsp.authz.oauth2.provider.AuthzInterceptorHandler;
import com.kedacom.ctsp.authz.security.AuthzSecurityProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

/**
 * @Author fenghaiju
 * @Date 2018-07-16
 */
@Configuration
@ConditionalOnProperty(prefix = "commons.authz.urls", value = "enable", matchIfMissing = true)
public class AuthzWebAppConfiguration extends WebMvcConfigurerAdapter {
    @Autowired
    AuthzSecurityProperties authzSecurityProperties;

    /**
     * 通过url权限判断
     *
     * @return
     */
    @Bean
    @ConditionalOnMissingBean(AuthzInterceptorHandler.class)

    public AuthzInterceptorHandler authzInterceptorHandler() {
        return new AuthzInterceptorHandler();
    }

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
        // excludePathPatterns 用户排除拦截
        registry.addInterceptor(authzInterceptorHandler()).addPathPatterns("/**").excludePathPatterns(authzSecurityProperties.getPermitAllUrl());
        super.addInterceptors(registry);
    }
}
